What You Need to Know About Voice Hacking

June 16, 2017 • Devin Partida


As technology advances, more weaknesses and vulnerabilities appear that hackers can use to take advantage of their victims, like phishing, voice hacking and more. Identity theft is one of the most damaging forms of cybercrime, and voice hacking is a subset of that. This kind of attack involves collecting or stealing audio samples that can be used to gain access or verify an identity.

Whether you’re a high-profile, well-to-do business executive, or a traditional 9-5er, voice hacking and identity theft can ruin you all the same. It can be used to destroy your credit, sully your character, damage your career or even harass you or blackmail you.

None of these eventualities are far-fetched, either. Cybercrime damage costs are expected to exceed $6 trillion annually by 2021. High-profile hacks and breaches are becoming increasingly prevalent and cost both businesses and consumers trillions of dollars.

Even so, it’s not really clear what kind of damage can a voice hack do? Let’s take a closer look to find out.

What Is a Voice Hack?

This kind of breach involves collecting a sample or audio recording of your voice that can be used for speech and voice recognition. In the past, this may not have been such an issue, but, today, more security teams are relying on voice recognition as a common form of authentication.

For example, a bank may require you to speak a special password, out loud, to verify your identity. One of the biggest benefits of using this form of personal identification is to boost productivity and efficiency. Customers can quickly confirm their identity to reps, while those reps can just as easily establish the trust they need to provide access accounts, sensitive data and more.

voice hacking

The Treat of an Authentication Breach

If you never use this form of authentication, it’s easy to dismiss the threat as something that doesn’t apply to you. But there are a growing number of voice dictation and command tools that require you to speak, as well.

This includes a spectrum of bots, from AI and assistants like Siri, Alexa and Google to apps like WeChat, Facebook and more. Not only do they listen to your voice, they often record your tone and phrases and store that data in the cloud for reference later.

Of course, those platforms don’t use the data collected for anything nefarious. They are simply so the tool and assistant can more accurately understand your commands, but, in the wrong hands, this data can be damaging.

With the right toolsets, hackers can record and access a convincing audio sample. This can be played back to trick customer service associates and even digital security systems.

To make matters worse, once a voice sample has been collected, that’s it, the hackers can use it any way they see fit, and, with the right tools, it’s possible they can even modify what’s being said or communicated.

Protection, security and privacy then become more about preventative measures because, again, once a recording is made, your voice is compromised.

How Can You Protect Yourself?

The glaring issue with preventative measures is that all your effort and all your investments go into actually stopping a breach or attack. Generally, they don’t take into account the aftermath or even help with damage control.

Sadly, there’s just not much you can do once a hacker has sensitive data — like your voice — in their hands. You can cancel accounts, shut down or freeze credit cards and contact your bank and better protect your money. That said, all these measures can be pretty inconvenient, especially when you need to spend money or use your credit, and that never stops — you always need some form of currency.

Protect a Valuable Asset

So, how do you protect yourself, especially when it comes to your voice? You can’t rightly lock down your vocal chords and adopt a vow of silence.

Luckily, developers and engineers are already working on security solutions for everyone. Researchers at the University of Buffalo, for example, have come up with a way to use a smartphone’s compass to prevent this type of hacking.

Thanks to magnetic fields — which are a core element of audio and recording playback — the app can use a compass to detect the proximity of a voice and better identify if it’s fake or real, and that’s just the beginning. The Buffalo researchers are one of many teams coming up with more secure technology and protocols.

Take, for instance, the new encryption protocols being deployed in self-driving vehicles to help them prevent and thwart cyberattacks. That’s going to be a big deal in the future, as no one wants to be trapped inside a vehicle someone unscrupulous has control over.

The takeaway is that while, yes, you should always be cautious, there’s no need to be paralyzed with fear. Better security measures and protocols are on their way.